AWS Action - Instance ID from Payload

aws

(Tom) #1

Hey there,

I’m currently working on an automation of our corresponding AWS account.
The objective is to have an automated action based on information about specific EC2 instances.

I’m currently trying to list all available EC2 instances, get their tags and perform an action if a specific key value pair exists.

My problem, however, is that I can’t manage to use the instance id as a parameter. The instance id is obtained via the payload, but the AWS action expects the instance id to be a string, so I can’t use trigger.payload_instanceId as it is used in the criteria field.

Is there any possible way to use information from the payload in the action section?

Thanks in advance.

Regards,
Tom


(Lindsay Hill) #2

It is very common to use payload items in the action.

I’m not sure why you’re saying it can’t be used in the action because it’s used in the criteria? It can be used in both.

What does your payload content look like, and what action are you trying to run?


(Tom) #3

Hi Lindsay,

thanks for your reply.

My payload looks as follows:

{
  "payload_instanceId": "i-027466b185969573e",
  "payload_key": "name",
  "payload_value": ""
}

The sensor obtains EC2 instances with an empty name tag. These tags as well as the instance Id are saved in the payload. I now want to stop the corresponding instance using the AWS integration pack’s aws.ec2_stop_instances action.

The problem is, I can’t use the trigger.payload_instanceId as a parameter, as it expects it to be the instance Id as a string.

botocore.exceptions.ClientError: An error occurred (InvalidInstanceID.Malformed) when calling the StopInstances operation: Invalid id: "trigger.payload_instanceId" (expecting "i-...")


Edit:
This problem occurs when using the web UI to create a rule.


(Lindsay Hill) #4

What does your rule look like? It sounds like your Jinja syntax is wrong.


(Tom) #5

Using the boto3 service action does work now. I don’t know why, but I can’t get it to work using the stop_instances action from the aws action pack.

The following rule does work now.

---
name: "tagging_compl_stop_ec2"
description: "Stop non-tagged EC2 instances"
enabled: true

trigger:
    type: "botosensor.EC2event"

criteria:
    trigger.payload_key:
        type: "equals"
        pattern: "name"
    trigger.payload_value:
        type: "regex"
        pattern: "^$"
    trigger.payload_stateCode:
        type: "equals"
        pattern: "16"

action:
    ref: "aws_boto3.boto3action"
    parameters:
        region: "eu-central-1"
        service: "ec2"
        action_name: "stop_instances"
        params: "{\"InstanceIds\" : [\"{{trigger.payload_instanceId}}\"]}"
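
An added example, not part of the original posts: the rule above pastes the trigger value into a JSON string, so this Python sketch checks the instance ID shape first and lets `json.dumps` do the quoting. The function names, the `str.replace` stand-in for Jinja rendering, and the sample payloads are assumptions made for illustration.

```python
import json
import re

# EC2 instance IDs are "i-" plus 8 (legacy) or 17 lowercase hex characters.
INSTANCE_ID_RE = re.compile(r"i-(?:[0-9a-f]{8}|[0-9a-f]{17})")

# Same shape as the rule's `params` value; str.replace stands in for Jinja here.
TEMPLATE = '{"InstanceIds" : ["{{trigger.payload_instanceId}}"]}'


def render_naive(payload):
    """Plain text substitution: the value lands inside the JSON unescaped."""
    return TEMPLATE.replace("{{trigger.payload_instanceId}}",
                            str(payload["payload_instanceId"]))


def build_stop_params(payload):
    """Validate the ID, then serialize so quoting is handled by json.dumps."""
    instance_id = payload.get("payload_instanceId")
    if not isinstance(instance_id, str) or not INSTANCE_ID_RE.fullmatch(instance_id):
        raise ValueError(f"refusing to call stop_instances with {instance_id!r}")
    return json.dumps({"InstanceIds": [instance_id]})


def try_build(payload):
    """Return (ok, detail) so a caller can log a rejection instead of crashing."""
    try:
        return True, build_stop_params(payload)
    except ValueError as exc:
        return False, str(exc)


if __name__ == "__main__":
    # Constructed sample payloads; the first reuses the ID shown in the thread.
    samples = [
        {"payload_instanceId": "i-027466b185969573e", "payload_key": "name"},
        {"payload_instanceId": "trigger.payload_instanceId"},  # unrendered expression
        {"payload_instanceId": 'i-0abc"'},  # stray quote breaks the naive JSON
    ]
    for sample in samples:
        print(try_build(sample), "| naive:", render_naive(sample))
```

The second sample is the unrendered expression from the `InvalidInstanceID.Malformed` error earlier in the thread; here it is rejected locally before any AWS call is made.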

(Lindsay Hill) #6

Good to hear it’s working. Would need to see the rule syntax for the other rule to see why it wasn’t working.

Probably better to use the boto3 actions, rather than the AWS pack. Amongst other things, it’s a lot less content to load in the Web UI.